Revisions

  • 1.0: October 14, 2020, Initial release

Summary

APTARE version 10.5 contains fixes for security issues. It is recommended that Veritas customers update APTARE software to the latest 10.5 release.

Description

APTARE 10.5 address the following security vulnerabilities:

Issue Description Severity Fixed version

1

Authorization Bypass

Critical

10.5

2

Authentication Weakness - Login Process Bypass

High

10.5

Issues

Issue #1

Authorization Bypass

APTARE versions prior to 10.5 did not perform adequate authorization checks. This vulnerability could allow for remote code execution by an unauthenticated user.

Issue #2

Authentication Weakness - Login Process Bypass

APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server. An unauthenticated user could login to the application and gain access to the data and functionality limited to that which the targeted user account has access.